﻿using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
using Net5ApiAndEfMySql.DtoModel.Common;
using Net5ApiAndEfMySql.IService.SystemAdmin;
using Net5CommonLib.SystemLib.Common;
using Newtonsoft.Json;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;

namespace Net5ApiAndEfMySql.ApiProject.Common
{
    public class UserTokenVerificationAttribute : Attribute, IActionFilter
    {
       
        private IAdminUserService _iAdminUserService;
       
        public UserTokenVerificationAttribute(IAdminUserService iAdminUserService)
        {
            _iAdminUserService = iAdminUserService;
          
        }
       
        /// <summary>
        /// 实现过滤器接口的请求执行方法
        /// </summary>
        /// <param name="context"></param>
        public void OnActionExecuting(ActionExecutingContext context)
        {
            //从控制器(Controller)中获取是否有AllowAnonymousAttribute 特性, 如果有则不进行验证,直接跳过去
            AllowAnonymousAttribute[] authoritybtnAttribute = (AllowAnonymousAttribute[])
              ((Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor)context.ActionDescriptor)
              .ControllerTypeInfo
              .GetCustomAttributes(typeof(AllowAnonymousAttribute), false);
            if (authoritybtnAttribute.Length > 0)
            {
                return;
            }
            //从请求(Action)中获取是否有AllowAnonymousAttribute 特性, 如果有则不进行验证,直接跳过去
            authoritybtnAttribute = (AllowAnonymousAttribute[])
                ((Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor)context.ActionDescriptor).
                MethodInfo.GetCustomAttributes(typeof(AllowAnonymousAttribute), false);
            if (authoritybtnAttribute.Length > 0)
            {
                return;
            }

            //从header头中获取token
            string token = _iAdminUserService.Token;
            if (string.IsNullOrEmpty(token))
            {
                ResultModel model = new ResultModel();

                model.code = ResultCode.NoLogin;
                model.data = null;
                model.mess = "您没有登录!";

                context.Result = new ContentResult()  //短路,  当你需要从当前申请直接跳出,不往下执行是可以利用短路来实现
                {
                    Content = JsonConvert.SerializeObject(model)
                };
                return;
            }

            ResultCode resultCode = _iAdminUserService.ValidateToken(token);
            //验证token是否有效
            if (resultCode != ResultCode.Ok)
            {
                ResultModel model = new ResultModel();
                model.code = resultCode;
                model.data = null;
                model.mess = "您没有授权!";
                context.Result = new ContentResult()
                {
                    Content = JsonConvert.SerializeObject(model)
                };
            }
        }

        public void OnAuthorization(AuthorizationFilterContext context)
        {

        }



        public void OnActionExecuted(ActionExecutedContext context)
        {
            //throw new NotImplementedException();
        }

    }
}
